control-metalayer-loop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's CI and E2E workflow templates (assets/templates/scripts/control/web_e2e.sh and .github/workflows/web-e2e.yml, plus the "Web changes require browser-level E2E checks" guidance in references/rules-and-commands.md) explicitly fetch and exercise APP_BASE_URL/PLAYWRIGHT_BASE_URL (via Playwright or curl) so external/public URLs can be loaded and their content used as sensor outcomes that influence control decisions and actions.